Ransomware

01 June 2016
| Tags: Security

Malware is short for 'malicious software' and is a broad term which covers software intentionally designed to compromise a computer. Specific types include key-loggers, worms and viruses and an increasingly worrying trend - ransomware. Let us guide you through some of the dangers and how to avoid them with our guide to Malware.

What is ransomware?

Ransomware is a form of malware which can be downloaded from an unsolicited email or deposited on your machine from an untrustworthy website. Once on your computer it encrypts the hard drive, locking down your files so that you can't access them. It then demands a ransom fee in order to free your computer and often the only option is to comply. This can be particularly damaging if you, like most of us have vital documents and pictures storedon their computers.

In February, the Hollywood Presbyterian Medical Center in America was targeted by ransomware which encrypted critical systems files[1]. The hospital held out for three weeks but was eventually forced to pay the $17,000 ransom. In addition to this, websites such as the New York Times and the BBC were also recently targeted by ransomware[2]. This was delivered through advertising platforms (the international version of the BBC website features adverts). When users logged onto the site they were served an infected advert, which directed the user to malware-infected servers.

Before January 2013 there were 100,000 recorded cases of ransomware, but by the end of 2013 it had risen to 600,000 [3].

How can you prevent this?

If you have a PC, it's vital you have good anti-virus software installed on your computer. These programs protect you from most malware, spyware and viruses.

You also need to make sure your operating system is up to date. Microsoft and Apple release security patches as new threats appear, so it's best to keep up to date to minimise the risk of your computer becoming infected by malware. Even Macs aren't necessarily immune, as researchers have recently discovered ransomware that targets Macbooks [4].

There are also some straightforward measures you can take when using your computer:

Don't click on attachments and links in emails that you don't trust

Often, breaches stem from users opening an infected attachment and then clicking on the yellow bar which reads "enable content". Clicking on this renders the computer compromised, and the ransomware then starts to encrypt files.

Set rules for your emails

It's a good idea to set a 'rule' on your email client that filters out incoming messages containing a '.exe' attachment. These files are executable, meaning that they install and launch potentially dangerous programs.

Be careful where you browse

Also avoid disreputable sites such as adult websites or illegal downloading or streaming sites. These are more likely to be infected by ransomware and other types of malware.

Back up everything!

There are certainly precautions worth taking to minimise risk. Make sure you back up all of your files. There are plenty of cloud storage options available, or there are hard drive solutions that you can buy which would back up your files automatically without you having to remember to do so. If you have a Windows PC then also enable System Restore - if you are compromised then you may be able to restore your system to a pre-infection stage.

These will not eliminate all risk. There are some types of ransomware that are programmed to seek out and destroy back-up or System Restore files, or you could get hit between back-ups.

I have been infected. What do I do now?

Try Googling your specific problem on a different computer. Ransomware uses fear to get money out of its victims, so the more information you have the better. Some types of ransomware, such as CryptoLocker [5], have known fixes which you can apply to jail-break your files, so there's no need to panic.

If that fails, contact a trusted computer expert. They may be able to try something that you have not thought of. If this does not work, and restoring from a back-up or running System Restore isn't an option then you need to contact your local police department get their advice and to report this crime.

Ransomware is a growing problem, but with a bit of savviness and knowledge, you can minimise the risk to you and your computer.

TSB Bank plc is covered by the Financial Services Compensation Scheme and the Financial Ombudsman Service.

Calls may be monitored and recorded in case we need to check we have carried out your instructions correctly and to help us improve our quality of service. Not all telephone banking services are available 24/7.